Monthly Archives: February 2013

Companies fear reputation for bad security

As more companies come out of the closet about their Internet security being compromised, still more start to admit it. But many (perhaps most) don’t even know. Fortunately, there is a way the public can get a clue even about those companies.

Nicole Perlroth wrote for the NYTimes 20 February 2013 that corporations try to hide successful cracking of their Internet security:

Most treat online attacks as a dirty secret best kept from customers, shareholders and competitors, lest the disclosure sink their stock price and tarnish them as hapless.

However, as some companies come out of the closet about this (Twitter, Facebook, Apple, etc.) and such

revelations become more common, the threat of looking foolish fades and more companies are seizing the opportunity to take the leap in a crowd.

“There is a ‘hide in the noise’ effect right now,” said Alan Paller, director of research at the SANS Institute, a nonprofit security research and education organization. “This is a particularly good time to get out the fact that you got hacked, because if you are one of many, it discounts the starkness of the announcement.”

Now here’s the interesting part:

Continue reading

Primus dropped out of January 2013 Canada SpamRankings.net

The big winner was AS 7788 MAGMA-COMM, which dropped from #3 to #147 by decreasing from millions to less than a thousand spam messages in the January 2013 SpamRankings.net for Canada Canada. Magma had a brief spate of Kelihos spam in the middle of the month, but it only lasted less than a week. Almost as good was AS 6407 PRIMUS-AS6407, dropping from millions the previous month to a few hundred thousand, and from #6 to #11. That one while beating its Kelihos problem, seems to have developed a Cutwail problem, which was sending increasingly more spam at the end of the month. Since Magma was bought by Primus in 2004, Primus gets double congratulations!

-jsq

Belgium: Easyhost still bad, Nucleus climbing, Stone dropped out in January 2013 SpamRankings.net

Easyhost's AS 49512 tripled its spam, sending 97% of the total top 10 spam in the January 2013 SpamRankings.net for Belgium Belgium. Easyhost did start dropping in the last week. Nucleus BVBA's AS 39318 came up from nowhere to #2 with more than a million spam messages, mostly in the last week. And Stone Internet Services' AS 39234 dropped like a rock, from 9,149 spam messages last month for #8, to only 2,944 this month and #20.

-jsq

DorukNet outspammed Turkey again in January 2013 SpamRankings.net

DorukNet logo For two months in a row, DorukNet’s AS 8685 has spammed the most in the January 2013 SpamRankings.net for Turkey Turkey from CBL data. 2011 March-April, AS 8685 DORUKNET, Turkey, SpamRankings.net Before that, it was #6 in November 2012 and also #6 April 2011.

In April 2011 the problem was apparently Lethic with a max of 87,852 on 1 April 2011. DorukNet seemed to have a bit of maazben, cutwail, etc. at that time, but very little compared to Lethic.

2012 November, AS 8685 DORUKNET, Turkey, SpamRankings.net

In November 2012 the problem was apparently Kelihos with a max of 299,873 on 7 November 2012.

This recent DorukNet peak that looks like Mt. Ararat was up to 13,569,282 on 18 January 2013, apparently from darkmailer2. DorukNet is actually improving since that peak, but meanwhile it managed to increase its December spam total of 54,803,032 to 324,544,788 in January 2013.

Continue reading

January 2013 SpamRankings.net

Most worsened: AS 10297 COLUMBUSNAP US, from #91 to #6 worldwide in January 2013. Most improved: AS 48347 MTW-AS RU, from #8 to less than 250. Surprise entrant: AS 8685 DORUKNET TR. Still #1 for fourth month: AS 16276 OVH FR.

-jsq